Filtering protocol traffic from Citrix users in Stand-Alone mode
- Article Number: 000001472
- Products: Forcepoint URL Filtering, TRITON AP-WEB, Web Filter & Security, Web Security and Web Filter
- Version: 8.5, 8.4, 8.3, 8.2, 8.1, 8.0, 7.8, 7.7, 7.6, 7.5, 7.1, 7.0
- Last Published Date: June 12, 2020
Notes & Warnings
My current deployment is Websense Stand-Alone. I can only filter http, https, and ftp traffic from the Citrix plug-in. How do I filter protocol traffic from my Citrix users?
This configuration is for Stand-Alone only. The Citrix plug-in can only send username/ip information, http, https, and ftp traffic. To avoid double filtering with the current Stand-Alone Filtering Service + Network Agent, you will need to enter exceptions on the monitoring interface for all Citrix servers running the Citrix plug-in. You will then need a second Filtering Service and Network Agent integrated with Citrix. The "integrated" Network Agent is needed so that it will only monitor/block "protocol" traffic, not http. A second stand-alone Network Agent will not work as you do not want NA monitoring HTTP traffic that the Citrix Plug-in are already forwarding to the Filtering Service.
Keywords: citrix plug-in; citrix; vdi; integration; protocol filtering